AI Agent Threat Matrix
Matrix/Credential Harvest/T-3002
T-3002observed

Environment Variable Leakage

Access environment variables containing API keys, tokens, and connection strings

Tactic

Credential Harvest (Stage 3)

Extract API keys, tokens, and credentials from agent context and connected services

Attack Class

NEMO-CRED-LEAK

Unintended exposure of credentials through environment variables, logs, or error messages

Evidence

observed

Confirmed in real-world production systems or internet-wide exposure assessments.

DVAA Validation

env var leakage

Detection (HackMyAgent)

ENV-001ENV-002ENV-003ENV-004
npx hackmyagent secure --ci

Defense (OASB Controls)

OASB 5.1OASB 5.2OASB 5.3OASB 5.4OASB 5.5

How to Cite

AI Agent Threat Matrix T-3002 (Environment Variable Leakage). OpenA2A, 2026. https://threats.opena2a.org/techniques/T-3002
← Back to Matrix